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DETAILED ACTION 

1. Claims 1-30 have been examined. 

Claim Rejections - 35 USC § 101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

3. Claims 21-30 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

Claims 21-30 are directed to a computer program product. However, the 
computer program product is software, per se to one of ordinary skill in the art. 
There is no element positively recited as part of the computer product in the 
claims. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

5. The factual inquiries set forth in Graham v. John Deere Co,, 383 U.S. 1 , 
148 USPQ 459 (1966), that are applied for establishing a background for 
determining obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 
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2. Ascertaining the differences between the prior art and the claims at 
issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

6. This application currently names joint inventors. In considering 
patentability of the claims under 35 U.S.C. 103(a), the examiner presumes that 
the subject matter of the various claims was commonly owned at the time any 
inventions covered therein were made absent any evidence to the contrary. 
Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor 
and invention dates of each claim that was not commonly owned at the time a 
later invention was made in order for the examiner to consider the applicability of 
35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) prior art under 35 
U.S.C. 103(a). 

7. Claims 1-30 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Kern et al. (U.S. Patent No. 6,336,187) in view of Kohara et al. (U.S. Pub. 
No. 2003/0182566) 

As per claims 1 and 11, Kern et al. discloses a method/apparatus 
comprising: 

Encrypting ("encoding" - e.g. col. 10, line 12 and "public key encryption" - 
e.g. col. 10, line 30) a plurality of non-volatile storage regions ("..The storage 108 
may be implemented by one or more storage devices of various types, such as 
magnetic disk drive, magnetic tape, optical disk..." - e.g. col. 5, line 60 - col. 6, 
line 4 and "The nonvolatile storage 206 may comprise, for example, one or more 
magnetic data storage disks such as a "hard drive", a tape drive, or any other 
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suitable storage device" - e.g. col. 6, lines 23-25), each being encrypted using a 
different ("...initially storing a security key in association with a storage region..." 

- e.g. abstract and col. 1, lines 46-49) encryption key ("As an enhancement to 
the embodiment described above, the controller 106 may direct the storage 108 
to employ the reference access key in encoding or decoding data during the 
storage operation of step 516. In this embodiment, if the requested storage area 
is protected (i.e., it has an associated reference access key), and the host- 
submitted input access key is valid, the controller 106 uses the access key to 
encode or decode data involved in the storage access operation... Encoding and 
decoding in this embodiment may use a number of different techniques that are 
well known to those in the relevant art. For instance, one useful technique is 
public key encryption. By using such encoding/decoding, stored data enjoys two 
levels of protection... .by encoding data of the storage region with the key" - e.g. 
col. 10, lines 10-35); 

granting the first user ("one or more hosts" - e.g. abstract. Please note 
one or more hosts corresponds to Applicant's first user and second user) access 
to a corresponding first subset of non-volatile storage regions (e.g. col. 2, line 64 

- col. 3, line 9) and making a second subset of the encryption keys available to a 
second user thereby granting the second user ("one or more hosts" - e.g. 
abstract. Please note one or more hosts corresponds to Applicant's first user 
and second user.) access to a corresponding second subset of non-volatile 
storage regions (e.g. col. 2, line 64 - col. 3, line 9). 
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Kern et al. does not disclose expressly the encryption key is from a set of 
encryption keys, making a first subset/second subset of the encryption keys 
available to the first user/second user thereby granting the first user/second user, 
the first/second subset of the encryption keys consisting of one, a plurality, or all 
of the encryption keys. 

Kohara et al. discloses the encryption key is from a set of encryption keys, 
making a first subset/second subset of the encryption keys available to the first 
user/second user and the first/second subset of the encryption keys consisting of 
one, a plurality, or all of the encryption keys (e.g. paragraphs [0010] - [0012] and 
abstract) 

Kern et al. and Kohara et al. are analogous art because they are from the 
same field of endeavor of protecting data stored on nonvolatile storage section. 

At the time of the invention it would have been obvious to a person of 
ordinary skill in the art to incorporate the encryption key is from a set of 
encryption keys, making a first subset/second subset of the encryption keys 
available to the first user/second user into Kern et al.'s method/apparatus. 

The motivation of doing so would have been "generated plural encryption 
keys make a very low probability of occurrence of an identical encryption key 
because the pseudorandom number is used for the encryption key c. 
Consequently, allocation of the generated latest encryption key to the user can 
differ the plural encryption keys allocated at the different generation timings of 
the pseudorandom numbers at a high probability. This allows data encryption 
keys, and it is possible to store plural kinds of encrypted data, each of which has 
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a different encryption key, in the nonvolatile storage section" and "to prevent the 
non-interested persons from recognizing stored data in a nonvolatile storage 
medium in chain manner", as taught by Kohara et al. (paragraphs [0007] and 
[0012]) 

As per claims 2 and 12, the combined teachings of Kern et al. and 
Kohara et al. disclose a method/apparatus as applied above in claims 1 and 1 1 . 
Kern et al. further discloses comprising: 

generating a first private-public encryption key pair and a second private- 
public encryption key pair ("public key encryption" - e.g. coL 10, line 30. Please 
note to a person with ordinary skill in the art that public key encryption is an 
asymmetric algorithm are designed so that the key used for encryption is 
different from the key used for decryption. Therefore, it must generate a key pair 
for the first user and the second user); 

making the first private key available only to the first user and the second 
private key only to the second user (e.g. col. 7, lines 49-59); and 

encrypting the first subset of the encryption keys using the first public 
encryption key, and the second subset of the encryption keys using the second 
public encryption key (e.g. col. 10, lines 27-35). 

As per claims 3 and 13, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 2 and 12. 
Kern et al. further discloses comprising: 
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storing the first private key and the second private key in a secure memory unit ( 
Kern et al. - e.g. col. 5, lines 33-48); 

protecting access to the first private key with a first authentication token, the first 
authentication token being known only to the first user (e.g. col. 9, line 63 - col. 
10, line 9); and 

protecting access to the second private key with a second authentication token, 
the second authentication token being known only to the second user (e.g. col. 9, 
line 63 -col. 10, line 9). 

As per claims 4 and 14, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 3 and 13. 
Kern et al. further discloses comprising: 

requesting an authentication token from a user attempting to access one or more 
of the non-volatile storage regions (e.g. col. 2, line 64 - col. 3, line 9); 
authenticating the user, if the user's authentication token matches 
one of the authentication tokens used to protect access to one of the private 
keys (e.g. col. 2, line 64 - col. 3, line 9); 

decrypting, with the secure encryption module using the authenticated 
user's private key, a corresponding subset of encryption keys, in response to 
authenticating the user (e.g. col. 10, lines 10-35); and 
decrypting a corresponding subset of non-volatile storage regions, thereby 
making the corresponding subset of non-volatile storage regions available to the 
authenticated user (e.g. col. 10, lines 10-35). 
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As per claims 5 and 15, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 3 and 13. 
Kern et al. further discloses wherein the authentication tokens are selected from 
the group consisting of: passwords, fingerprints signatures, voice signatures, 
retina signatures, and secure access devices (e.g. col. 7, lines 49-62). 

As per claims 6 and 16, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 4 and 14. 
Kohara et al. further discloses wherein the encrypting and decrypting the plurality 
of non-volatile storage regions are performed using full-disk encryption software 
("In an encryption storage apparatus. . . " - e.g. abstract). 

As per claims 7 and 17, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 1 and 11. 
Kern et al. further discloses wherein one of the non-volatile storage regions is 
adapted to store an operating system and data common to the first user and to 
the second user (e.g. col. 1, lines 45-50 and col. 1, lines 59-65). 

As per claims 8 and 18, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 1 and 11. 
Kern et al. further discloses wherein one of the non-volatile storage regions is 



Application/Control Number: 10/718,786 
Art Unit: 2135 



Page 9 



adapted to store user-specific data of the first user (e.g. col. 1 , lines 45-46 and 
lines 49-50). 

As per claims 9 and 19, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 1 and 11 
Kern et al. further discloses wherein one of the non-volatile storage regions is 
adapted to store user-specific data of the second user (e.g. col. 1, lines 45-46 
and lines 49-50). 

As per claims 10 and 20, the combined teachings of Kern et al. and 
Kohara et al. discloses a method/apparatus as applied above in claims 1 and 11. 
Kern et al. further discloses wherein the non-volatile storage regions are chosen 
from the group consisting of: volumes, disks, partitions, and folders/directories 
("..The storage 108 may be implemented by one or more storage devices of 
various types, such as magnetic disk drive, magnetic tape, optical disk..." - e.g. 
col. 5, line 60 - col. 6, line 4 and "The nonvolatile storage 206 may comprise, for 
example, one or more magnetic data storage disks such as a "hard drive", a tape 
drive, or any other suitable storage device" - e.g. col. 6, lines 23-25). 

As per claims 21-30, the combined teachings of Kern et al. and Kohara et 
al. discloses the claimed method of steps as applied above in claims 1-10. 
Therefore, the combined teachings of Kern et al. and Kohara et al. disclose the 
claimed computer program product for carrying out the method of steps. 
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Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. (See PTO -892) 
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Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to April Y. Shan whose telephone number is 
(571) 270-1014. The examiner can normally be reached on Monday - Friday, 
8:00 a.m. -5:00 p.m., EST. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Y. Vu can be reached on (571) 272-3859. The fax 
phone number for the organization where this application or proceeding is 
assigned is 57 1 -273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
91 99 (IN USA OR CANADA) or 571-272-1 000. 
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